Archive for August, 2005

Pakistan Honeynet Project has been awarded the 1st ever National Free and Open Source Software Award 2005 on the occasion of the 1st National Free and Open Source Software Awareness Campaign FOSSAC’2005.

Philippine Honeynet Project joins Research Alliance: The Philippine Honeynet Project, based at Ateneo de Manila University, has joined the Honeynet Project’s Research Alliance. More details about the group can be found here http://www.philippinehoneynet.org/

VMWare Stealth Patch released by French Honeynet Project. Kostya Kortchinsky of the French Honeynet Project has release a new version of his patch for VMware that allow operators to further obfuscate VMware used as a honeypot. http://www.securityfocus.com/archive/119/349385http://honeynet.rstack.org/tools/vmpatch.c New features include the ability to create a virtual host without the VMWare backdoor, modify the graphics card and set a non VMWare MAC address.

Activeworx update Honeynet Security Console. Activeworx have released an updated version of their free HSC tool: http://www.activeworx.org “Activeworx is pleased to announce the release of Honeynet Security Console(HSC) version 2.5 For Windows 2000/XP. HSC is a free analysis tool to view events on your personal network or honeynet. It gives you the power to view events from Snort, TCPDump, Firewall, Syslog and Sebek logs. This tool is not only for honeynets, it is also a great interface to view snort events. With both HSC and IDS Policy Manager (also at activeworx.org) you have a free complete solution to manage your snort rules and view the events. The release of HSC v2.5 adds many new features. These including new graphs, printing, copying events and overall look and feel. Here are some additional
changes: Added – Print events from event grids
Added – Refresh Unique Events
Added – Event Overview now shows 24 hour, 7 day, 30 day and 90 day graphs Added – Search output to Time of Day Graphs Added – Ctrl-C now copies highlighted events to the clipboard Added – Priority Graphs have been cleaned up Added – Task Filter options with finite values now have a drop down values Added – Viewing IDS events are more descriptive Added – Support for email authentication Added – Visual changes throughout the app make it more pleasant to the eye and easier to use.”